modified: web/app.py

modified:   web/blueprints/auth.py
	modified:   web/blueprints/group_admin.py
	modified:   web/blueprints/site_admin.py
	new file:   web/limiter.py
	modified:   web/panel_db.py
	modified:   web/requirements.txt
	new file:   web/templates/429.html
	new file:   web/templates/admin/audit_log.html
	modified:   web/templates/admin/base.html

web/app.py

@@ -9,6 +9,7 @@ from flask import Flask, abort, render_template, request, session, url_for
 from config import Config
 from panel_db import init_databases, get_user_groups
 from roles import can_manage_group
+from limiter import limiter
 
 from blueprints.auth        import auth
 from blueprints.site_admin  import site_admin
@@ -33,6 +34,17 @@ def create_app() -> Flask:
     app.register_blueprint(group_admin)
     app.register_blueprint(panel)
 
+    # Rate limiter
+    limiter.init_app(app)
+
+    @app.errorhandler(429)
+    def rate_limit_exceeded(e):
+        retry_after = getattr(e, "retry_after", None)
+        return render_template(
+            "429.html",
+            retry_after=int(retry_after) if retry_after else 60,
+        ), 429
+
     # Panel-Datenbank-Tabellen anlegen
     try:
         init_databases()